Allow access to one particular Vlan from all other Vlans

Unanswered Question

Hi,

I need created vlan2 (192.168.1.1/24), vlan3 (192.168.2.1/24), vlan4 (192.168.3.1/24), vlan5 (192.168.4.1) on my 3560 L3 switch.

I placed a network printer in my Vlan6(192.168.6.1).

I want all the vlans to be able to access the printer. But except Vlan6, none of the vlans should be able to talk to each other. How can I achieve this?

Also all vlans should be able to go to internet and can browse.

Topology is like internet--->router(Natted)--->Switch(VLANS here).

Any idea/hint would be of great help.

Reg,

Sushil
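
An added example, not part of the original thread: one common way to meet the requirement in the question above on a Layer 3 switch is a single inbound ACL applied to every user SVI. The ACL name USER-VLAN-IN is hypothetical, and the /24 masks for VLAN5 and VLAN6 are assumed because the post gives none.

```cisco
! Added example. Assumes ip routing is enabled and that SVIs exist for
! VLAN2-5 (192.168.1.0-192.168.4.0/24) and VLAN6 (192.168.6.0/24, printer).
!
ip access-list extended USER-VLAN-IN
 remark 1. any user VLAN may reach the printer VLAN
 permit ip any 192.168.6.0 0.0.0.255
 remark 2. block the rest of 192.168.0.0/16, i.e. the other user VLANs
 deny   ip any 192.168.0.0 0.0.255.255
 remark 3. everything else (internet via the default route) is allowed
 permit ip any any
!
! Inbound on an SVI filters packets arriving from hosts in that VLAN
! before they are routed. Replies from the printer leave through the
! SVI in the outbound direction, so they are not matched by this ACL.
interface Vlan2
 ip access-group USER-VLAN-IN in
interface Vlan3
 ip access-group USER-VLAN-IN in
interface Vlan4
 ip access-group USER-VLAN-IN in
interface Vlan5
 ip access-group USER-VLAN-IN in
!
! No ACL on Vlan6: the printer VLAN may talk to every VLAN.
!
! Caveat: line 2 also matches each VLAN's own gateway address
! (for example 192.168.1.1), so hosts can still route through the
! SVI but can no longer ping it. Add a per-VLAN permit above line 2
! if that reachability is needed.
```

After applying it, `show access-lists USER-VLAN-IN` shows per-line match counters, which confirms which rule inter-VLAN test traffic is hitting.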

huzefamerji Tue, 04/22/2008 - 23:56

Dear, you have not clearly mentioned, I guess: have you set interface vlan for each vlan or not?

huzefamerji Tue, 04/22/2008 - 23:59

Configuration looks like this:

configure(terminal)interface vlan 2

ip address 192.168.1.1

Likewise for each and every vlan.

you know why this would do layer 3 routing

If you get me, please reply.

huzefamerji Wed, 04/23/2008 - 00:24

Sushil,

I should see that in your case layer 3 routing is not working, that's it.

Otherwise your switch is multilayer; it should work.

Thanks for the info. I am just using an entry-level L3 switch. Here is the config for the same. Forget about communication about vlans.

router(config)#

interface ethernet0/0

ip address 122.x.x.114/30

ip nat outside

interface ethernet0/1

10.0.0.1/8

ip nat inside

exit

access-list 101 permit ip 10.0.0.0 0.255.255.255 any

ip nat inside source list 101 interface ethernet0/0 overload

Ip route 0.0.0.0 0.0.0.0 eth0/0

Ip name-server dns1

Ip name-server dns2

Switch L3:

Switch 3560(Config)#

Interface Fe0/48

Description to internet router

No switchport

IP routing

IP address 10.0.0.2/8.

VTP Domain Cisco

VTP mode Server

Vlan_2 name Engineer

IP address 192.168.1.1/24

Vlan_3 name marketing

IP address 192.168.2.1/24

Int Fe0/2

Switchport access Vlan_2

Switchport mode access

Int Fe0/2

Switchport access Vlan_3

Switchport mode access

IP route 0.0.0.0 0.0.0.0 10.0.0.1 (i.e the IP of the internal int of the router)

Now I am able to ping 10.0.0.2 from the 192.168.1.0 and 192.168.2.0 networks. But I am not able to ping 10.0.0.1 (internal gateway of the router).

I also created one more access list on router to learn the router inside traffic from VLAN network with following command.

Ip route 192.168.0.0 255.255.0.0 10.0.0.2 (i.e. the IP of the switch).

Still nothing seems to be happening.

I just want to use different vlans that need to access the internet, and I don't want the vlans to communicate with each other. (Without using vlans I am able to access the internet through the default vlan, i.e. using the native vlan.)

Suggest what all I am missing.

Reg,

Sushil

jdeprince Wed, 04/23/2008 - 14:17

Hi,

This is my first post ever! (Just got my CCNA yesterday.)

I find that reading these posts and their comments and solutions helps me understand it even more.

Unfortunately, I haven't seen L3 switches yet.

But could you show us the IP routing table from the switch and router?
